There are so many reasons as to why people and businesses get hacked, whether this is credit card data, intellectual property or HR data, the list is endless.
We held an event in conjunction with #CyberFest - the North East's biggest cyber festival - for our clients and contacts at our HQ at Wynyard Business Park to share how, if you get the fundamentals right, your business will be better protected from cyber-attack and breaches.
Here’s what David Johnson, our Cyber Division Director, said on how to get the basics right to prevent a breach.
What’s the first step to take?
“A firewall is a good place to start. So many businesses are without a firewall or have incorrectly configured firewalls. You wouldn’t leave your front door open to your home or your keys outside the door, so why would you leave your business open to breaches? A firewall monitors your network to stop unauthorised connections and malicious software from entering your network and is a basic for any business, regardless of size. If you’re not sitting behind one of Communicate’s firewalls, ensure that your firewall is setup correctly and is up to date.”
Do cloud-based businesses need a firewall?
“Yes! Being cloud-based could have added protection, but don’t assume your data is safe and secure. Your data is still being held ‘somewhere’, meaning it is open to breaches.”
So, after installing a firewall, what’s next?
“Vulnerability scanning and patch management is key, 85% of breaches are caused by known vulnerabilities. To combat breaches, a scan can be performed. We look at your system and report on any weaknesses which hackers could use to access your data or make changes to your system. The report will provide you with advice on how to mitigate and resolve any issues.”
“Patch management is often ignored, but it is important to install software security updates to ensure discovered vulnerabilities are patched within software, operating systems and applications. We recommend patching every week to keep on top of it. It is vital that everyone in your work force is carrying out this and not postponing vital security updates. To ensure this, make it a part of your internal policies and procedures and, better still, ensure these updates are automatically scheduled on all your employees’ devices.”
Should I be concerned about 3rd parties?
“57% of breaches are caused by 3rd parties, be extra cautious if and how they handle or access your data. Check what is written in your contract of engagement and request if they have the below to understand who has your data and what they have in place to protect you, should the worst happen.”
Check whether they have:
- ISO 27001
- Cyber Essentials
How can Communicate help?
- Online bite sized Staff training - to help you and your team to recognise and prevent phishing attacks. Free trials are available
- Secure logs – we can provide a managed log collection service for just 75p per user per month, so if anything did occur you would have a record of what happened and when
- Vulnerability scanning - please get in touch with us to arrange this service
- Cyber Essentials Managed Service £49.99 per month
- Cyber Essentials Plus £450 per month - Managed Service
- Incident response retainer to help you plan and support, should an incident occur
- Full Cyber Security Review - £3,999 per geographical site
We will be running further events in the future focusing on how to better protect your business from cyber-attack. If you would like to receive invitations to join us at these events, please contact us.